[PLUG] Using Wireshark
wes
plug at the-wes.com
Sat Dec 20 18:50:20 UTC 2008
On Sat, Dec 20, 2008 at 12:28 AM, Russell Senior
<russell at personaltelco.net>wrote:
> >>>>> "wes" == wes <plug at the-wes.com> writes:
>
> wes> It would also be useful if you used a hub in between the router
> wes> and modem, and connected 1 port to a machine you could listen
> wes> with.
>
> That won't tell you which machine it is though, because between the
> modem and router all the clients with have the public ipaddr,
> presuming that NAT'ing occurs at the router.
>
It'll get him that much closer, and be easier than setting up an individual
sniffer on each machine. worst case, he can unplug things one at a time
until it stops. Best case, there will be clues in the messages that may let
him know where it's coming from.
-wes
More information about the PLUG
mailing list